Search-based Security Testing of Enterprise Microservices

被引:0
作者
Seran, Susruthan [1 ]
机构
[1] Kristiania Univ Coll, Oslo, Norway
来源
2024 IEEE CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION, ICST 2024 | 2024年
基金
欧洲研究理事会;
关键词
Microservices; Automated mock generation; Search-based test generation; Search-based security testing; Search-based software engineering;
D O I
10.1109/ICST60714.2024.00056
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
This article presents Ph.D. research that focuses on the possibilities of adopting search-based software testing methods for microservice-based software systems to improve the software's quality and security. The research is aimed at exploring the possibilities of automatically mocking external web service dependencies of the system under test and detecting security faults through different entry points (e.g., external web services and messaging backbones) using search-based white-box fuzzing. Additionally, the article also discusses the evaluation method, the current status of the research, potential outcomes, and the contribution of the research.
引用
收藏
页码:463 / 465
页数:3
相关论文
共 26 条
  • [1] Ahsan Fatma, 2023, Computational Intelligence: Select Proceedings of InCITe 2022. Lecture Notes in Electrical Engineering (968), P207, DOI 10.1007/978-981-19-7346-8_19
  • [2] A Systematic Review of the Application and Empirical Investigation of Search-Based Test Case Generation
    Ali, Shaukat
    Briand, Lionel C.
    Hemmati, Hadi
    Panesar-Walawege, Rajwinder K.
    [J]. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2010, 36 (06) : 742 - 762
  • [3] [Anonymous], Owasp top ten 2017
  • [4] Arcuri A., 2014, ACMIEEE INT C AUTOMA, P79, DOI DOI 10.1145/2642937.2642986
  • [5] EMB: A Curated Corpus of Web/Enterprise Applications And Library Support for Software Testing Research
    Arcuri, Andrea
    Zhang, Man
    Golmohammadi, Amid
    Belhadi, Asma
    Galeotti, Juan P.
    Marculescu, Bogdan
    Seran, Susruthan
    [J]. 2023 IEEE CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION, ICST, 2023, : 433 - 442
  • [6] Building an open-source system test generation tool: lessons learned and empirical analyses with EvoMaster
    Arcuri, Andrea
    Zhang, Man
    Belhadi, Asma
    Marculescu, Bogdan
    Golmohammadi, Amid
    Galeotti, Juan Pablo
    Seran, Susruthan
    [J]. SOFTWARE QUALITY JOURNAL, 2023, 31 (03) : 947 - 990
  • [7] EvoMaster: Evolutionary Multi-context Automated System Test Generation
    Arcuri, Andrea
    [J]. 2018 IEEE 11TH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION (ICST), 2018, : 394 - 397
  • [8] Generating TCP/UDP Network Data for Automated Unit Test Generation
    Arcuri, Andrea
    Fraser, Gordon
    Galeotti, Juan Pablo
    [J]. 2015 10TH JOINT MEETING OF THE EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND THE ACM SIGSOFT SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING (ESEC/FSE 2015) PROCEEDINGS, 2015, : 155 - 165
  • [9] A Hitchhiker's guide to statistical tests for assessing randomized algorithms in software engineering
    Arcuri, Andrea
    Briand, Lionel
    [J]. SOFTWARE TESTING VERIFICATION & RELIABILITY, 2014, 24 (03) : 219 - 250
  • [10] A Practical Guide for Using Statistical Tests to Assess Randomized Algorithms in Software Engineering
    Arcuri, Andrea
    Briand, Lionel
    [J]. 2011 33RD INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE), 2011, : 1 - 10
123